﻿<%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>
<%option explicit%>
<%
Dim RZ_IN
RZ_IN=1
%>
<!--#include file="../conn.inc.asp" -->
<!--#include file="admin_inc/admin.function.asp" -->
<!--#include file="admin_inc/admin.sqlfunction.asp" -->
<!--#include file="admin_inc/MD5.asp" -->
<%
checkadmin(4)
Dim name,upper,act,id,rsa,sqla,password,level,question,answer
name=HTMLEncode(request.Form("name"))
If (name="") Then
historygoback("请填写用户名")
End If 
password=HTMLEncode(request.Form("password"))
level=HTMLEncode(request.Form("level"))
act=HTMLEncode(request.Form("act"))
id=HTMLEncode(request.Form("id"))
question=HTMLEncode(request.Form("question"))
answer=HTMLEncode(request.Form("answer"))
If act="addsave" Then 
	If (password="") Then
	historygoback("请填写用户密码")
	End If 
	Set rsa = Server.CreateObject("ADODB.Recordset")
	sqla = "select * from [c_user]"
	rsa.open sqla,conn,1,3
	rsa.addnew
	rsa("name")=name
	rsa("password")=md5(password)
	rsa("level")=level
	rsa("question")=question
	rsa("answer")=answer
	rsa.update
	rsa.close
	Set rsa=Nothing
	response.redirect("showmsg.asp?from=user_list.asp&msg=AddSuccess")
End If 
If act="modifysave" Then 
	Set rsa = Server.CreateObject("ADODB.Recordset")
	sqla = "select * from [c_user] where id="&id
	rsa.open sqla,conn,1,3
	rsa("name")=name
	If Len(password)>0 then
	rsa("password")=md5(password)
	End If 
	rsa("level")=level
	rsa("question")=question
	rsa("answer")=answer
	rsa.update
	rsa.close
	Set rsa=Nothing 
	response.redirect("showmsg.asp?from=user_list.asp&msg=ModifySuccess")
End If 
%>